Bank of America chooses Sigaba

Bank of America has awarded Sigaba, a San Mateo, Calif., start-up, a multimillion-dollar deal that industry observers say is one of the largest-ever enterprise purchases of secure messaging software.

Bank of America has awarded Sigaba, a San Mateo, Calif., start-up, a multimillion-dollar deal that industry observers say is one of the largest-ever enterprise purchases of secure messaging software.

Sigaba will provide secure e-mail gateways, secure e-mail applets, authentication adapters and encryption services to Bank of America under the terms of the five-year contract (the exact amount of the deal was not disclosed). Bank of America’s IT staff evaluated products from 27 companies for the secure messaging deal, which took two years to award.

Industry analysts say the deal is a sign that the secure e-mail market is picking up steam. The technology and standards to support secure e-mail have been available for some time, but few companies could justify the cost.

Charles Kolodgy, research manager for security products at IDC, says companies are being driven to purchase secure messaging software by new privacy regulations including the Gramm-Leach-Bliley Act in the financial services industry and the Health Insurance Portability and Accountability Act in the healthcare industry.

“The Bank of America deal is significant because somebody is putting down some big bucks for five years on this project,” Kolodgy says. “This is probably the largest-ever dedicated secure messaging purchase. Even the U.S. government hasn’t bought anything this big.”

Federal regulation was at the center of Bank of America’s decision.

“Compliance with the Gramm-Leach-Bliley legislation for secure transmission of private and confidential information led us to conduct a detailed evaluation of the underlying security in the vendor products,” says Wil Koenig, senior vice president of technology and operations in Bank of America’s messaging and collaboration services group.

Koenig says the other top priorities for the bank’s secure messaging system were “implementation in a fashion that would not impose a performance degradation on our overall e-mail system . . . [and] the ability to provision the service in a manner that didn’t require our customers to download any software.”

Bank of America chose Sigaba’s software to ensure the secure delivery of confidential financial information via its existing e-mail system, which is based on Microsoft Exchange 2000.

Sigaba will provide Bank of America with its Secure E-mail Suite, which includes server software that encrypts e-mail messages sent from one organization to another according to predetermined policies. Sigaba also will provide the “send anywhere” feature, which bundles an applet inside an encrypted e-mail that lets the recipient decrypt the message regardless of the e-mail client software used.

Sigaba’s secure e-mail suite starts at $50,000 for a two-year license that supports 100 internal and 100 external users.

Initially, Bank of America will use Sigaba’s software to send encrypted e-mail to customers of its Global Treasury Services division, which had used Pretty Good Privacy desktop-encryption software. This initial phase of the Sigaba rollout will start early next year and involve several hundred Bank of America employees.

“We have a number of businesses [besides] Global Treasury Services that are interested” in the Sigaba products to meet Gramm-Leach-Bliley requirements, Koenig says. “I suspect we’ll see fairly broad acceptance across the company. . . . This is definitely one of the high-priority items on our docket.”

IDC’s Kolodgy estimates secure messaging software sales will be less than $20 million in 2002. “This deal is pretty significant,” he adds.